Existing TLS certificates in Symantec Messaging Gateway (SMG) may be updated with another signed certificate to extend the validity date or to update other aspects of the certificate such as the message digest / hash algorithm used provided that the signed certificate meets the following criteria:
To update an existing certificate:
The certificate will be compared with currently installed certificates and their private keys to determine which installed certificate to be updated so the installed certificate to be updated does not need to be selected. The operation will fail if the Control Center cannot match the imported certificate to an existing certificate. In that case the new certificate may have a different key length or public / private key. If the Control Center does not recognize the imported key as matching an existing key the new certificate may be imported using the normal procedure for importing a new certificate / key pair (HOWTO92422).
Once the certificate is updated, the Control Center will automatically update the scanners with the new certificate data.